华夏ERP越权任意用户密码重置漏洞
免费、自由、人人(PwnWiki.Com)可编辑的漏洞库 , FOFA title="华夏ERP" EXP POST /user/resetPwd HTTP/1.1 Host: 47.116.69.14 Accept: applicatio ...
标签:ERP
以下是与标签“ERP”相关联的文章
-
-
华夏ERP授权绕过漏洞(二)
免费、自由、人人可编辑的漏洞库--PwnWiki.com , FOFA title="华夏ERP" POC import sys,requests def main(ip): url = "{ip}/user/login/../../use ...
-
华夏ERP授权绕过漏洞
免费、自由、人人可编辑的漏洞库 , POC python3 poc.py http://ip:port import sys,requests def main(ip): url = "{ip}/a.css/../user/getUserL ...
-
华夏ERP命令执行漏洞
PWNWIK.COM , POC import socket,sys,re def SendGet(res,ip,port): request = re.sub('\r\n','\r\n',res) port = int(port) soc ...
-
华夏ERP SQL注入漏洞
免费、自由、人人可编辑的漏洞库--pwnwiki.com , Payload GET /user/list?search=%7B%22userName%22%3A%22'and+sleep(3)--%22%2C%22loginName%22 ...
-
PhreeBooks ERP 5.2.3 远程命令执行漏洞
免费、自由、人人可编辑的漏洞库--pwnwiki.com , EXP # Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution # Date: 2010-04-03 # ...
-
PhreeBooks ERP 5.2.3 任意文件上传漏洞
免费、自由、人人可编辑的漏洞库--pwnwiki.com , EXP PhreeBooks ERP v5.2.3 - Arbitrary File Upload # Date: 03.04.2019 # Exploit Author: Ab ...
-
In4Suit ERP 3.2.74.1370 – ‘txtLoginId’ SQL注入漏洞
PWNWIK.COM , EXP # Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection # Date: 18/05/2021 # Exploit Auth ...